Drizzle 및 SQLite3 관련 패키지/코드 삭제

src/lib/server/db/drizzle.ts

@@ -1,15 +0,0 @@
-import Database from "better-sqlite3";
-import { drizzle } from "drizzle-orm/better-sqlite3";
-import { migrate } from "drizzle-orm/better-sqlite3/migrator";
-import env from "$lib/server/loadenv";
-
-const client = new Database(env.databaseUrl);
-const db = drizzle(client);
-
-export const migrateDB = () => {
-  if (process.env.NODE_ENV === "production") {
-    migrate(db, { migrationsFolder: "./drizzle" });
-  }
-};
-
-export default db;

src/lib/server/db/migrations/1737357000-Initial.ts

@@ -0,0 +1,222 @@
+import { Kysely } from "kysely";
+
+export const up = async (db: Kysely<any>) => {
+  // user.ts
+  await db.schema
+    .createTable("user")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("email", "text", (col) => col.unique().notNull())
+    .addColumn("nickname", "text", (col) => col.notNull())
+    .addColumn("password", "text", (col) => col.notNull())
+    .execute();
+
+  // client.ts
+  await db.schema
+    .createTable("client")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("encryption_public_key", "text", (col) => col.unique().notNull())
+    .addColumn("signature_public_key", "text", (col) => col.unique().notNull())
+    .addUniqueConstraint("client_ak01", ["encryption_public_key", "signature_public_key"])
+    .execute();
+  await db.schema
+    .createTable("user_client")
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("client_id", "integer", (col) => col.references("client.id").notNull())
+    .addColumn("state", "text", (col) => col.notNull().defaultTo("challenging"))
+    .addPrimaryKeyConstraint("user_client_pk", ["user_id", "client_id"])
+    .execute();
+  await db.schema
+    .createTable("user_client_challenge")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("client_id", "integer", (col) => col.references("client.id").notNull())
+    .addColumn("answer", "text", (col) => col.unique().notNull())
+    .addColumn("allowed_ip", "text", (col) => col.notNull())
+    .addColumn("expires_at", "timestamp(3)", (col) => col.notNull())
+    .addForeignKeyConstraint(
+      "user_client_challenge_fk01",
+      ["user_id", "client_id"],
+      "user_client",
+      ["user_id", "client_id"],
+    )
+    .execute();
+
+  // session.ts
+  await db.schema
+    .createTable("session")
+    .addColumn("id", "text", (col) => col.primaryKey())
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("client_id", "integer", (col) => col.references("client.id"))
+    .addColumn("created_at", "timestamp(3)", (col) => col.notNull())
+    .addColumn("last_used_at", "timestamp(3)", (col) => col.notNull())
+    .addColumn("last_used_by_ip", "text")
+    .addColumn("last_used_by_agent", "text")
+    .addUniqueConstraint("session_ak01", ["user_id", "client_id"])
+    .execute();
+  await db.schema
+    .createTable("session_upgrade_challenge")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("session_id", "text", (col) => col.references("session.id").unique().notNull())
+    .addColumn("client_id", "integer", (col) => col.references("client.id").notNull())
+    .addColumn("answer", "text", (col) => col.unique().notNull())
+    .addColumn("allowed_ip", "text", (col) => col.notNull())
+    .addColumn("expires_at", "timestamp(3)", (col) => col.notNull())
+    .execute();
+
+  // mek.ts
+  await db.schema
+    .createTable("master_encryption_key")
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("version", "integer", (col) => col.notNull())
+    .addColumn("state", "text", (col) => col.notNull())
+    .addPrimaryKeyConstraint("master_encryption_key_pk", ["user_id", "version"])
+    .execute();
+  await db.schema
+    .createTable("master_encryption_key_log")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("master_encryption_key_version", "integer", (col) => col.notNull())
+    .addColumn("timestamp", "timestamp(3)", (col) => col.notNull())
+    .addColumn("action", "text", (col) => col.notNull())
+    .addColumn("action_by", "integer", (col) => col.references("client.id"))
+    .addForeignKeyConstraint(
+      "master_encryption_key_log_fk01",
+      ["user_id", "master_encryption_key_version"],
+      "master_encryption_key",
+      ["user_id", "version"],
+    )
+    .execute();
+  await db.schema
+    .createTable("client_master_encryption_key")
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("client_id", "integer", (col) => col.references("client.id").notNull())
+    .addColumn("version", "integer", (col) => col.notNull())
+    .addColumn("encrypted_key", "text", (col) => col.notNull())
+    .addColumn("encrypted_key_signature", "text", (col) => col.notNull())
+    .addPrimaryKeyConstraint("client_master_encryption_key_pk", ["user_id", "client_id", "version"])
+    .addForeignKeyConstraint(
+      "client_master_encryption_key_fk01",
+      ["user_id", "version"],
+      "master_encryption_key",
+      ["user_id", "version"],
+    )
+    .execute();
+
+  // hsk.ts
+  await db.schema
+    .createTable("hmac_secret_key")
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("version", "integer", (col) => col.notNull())
+    .addColumn("state", "text", (col) => col.notNull())
+    .addColumn("master_encryption_key_version", "integer", (col) => col.notNull())
+    .addColumn("encrypted_key", "text", (col) => col.unique().notNull())
+    .addPrimaryKeyConstraint("hmac_secret_key_pk", ["user_id", "version"])
+    .addForeignKeyConstraint(
+      "hmac_secret_key_fk01",
+      ["user_id", "master_encryption_key_version"],
+      "master_encryption_key",
+      ["user_id", "version"],
+    )
+    .execute();
+  await db.schema
+    .createTable("hmac_secret_key_log")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("hmac_secret_key_version", "integer", (col) => col.notNull())
+    .addColumn("timestamp", "timestamp(3)", (col) => col.notNull())
+    .addColumn("action", "text", (col) => col.notNull())
+    .addColumn("action_by", "integer", (col) => col.references("client.id"))
+    .addForeignKeyConstraint(
+      "hmac_secret_key_log_fk01",
+      ["user_id", "hmac_secret_key_version"],
+      "hmac_secret_key",
+      ["user_id", "version"],
+    )
+    .execute();
+
+  // file.ts
+  await db.schema
+    .createTable("directory")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("parent_id", "integer", (col) => col.references("directory.id"))
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("master_encryption_key_version", "integer", (col) => col.notNull())
+    .addColumn("encrypted_data_encryption_key", "text", (col) => col.unique().notNull())
+    .addColumn("data_encryption_key_version", "timestamp(3)", (col) => col.notNull())
+    .addColumn("encrypted_name", "json", (col) => col.notNull())
+    .addForeignKeyConstraint(
+      "directory_fk01",
+      ["user_id", "master_encryption_key_version"],
+      "master_encryption_key",
+      ["user_id", "version"],
+    )
+    .execute();
+  await db.schema
+    .createTable("directory_log")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("directory_id", "integer", (col) =>
+      col.references("directory.id").onDelete("cascade").notNull(),
+    )
+    .addColumn("timestamp", "timestamp(3)", (col) => col.notNull())
+    .addColumn("action", "text", (col) => col.notNull())
+    .addColumn("new_name", "json")
+    .execute();
+  await db.schema
+    .createTable("file")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("parent_id", "integer", (col) => col.references("directory.id"))
+    .addColumn("user_id", "integer", (col) => col.references("user.id").notNull())
+    .addColumn("path", "text", (col) => col.unique().notNull())
+    .addColumn("master_encryption_key_version", "integer", (col) => col.notNull())
+    .addColumn("encrypted_data_encryption_key", "text", (col) => col.unique().notNull())
+    .addColumn("data_encryption_key_version", "timestamp(3)", (col) => col.notNull())
+    .addColumn("hmac_secret_key_version", "integer")
+    .addColumn("content_hmac", "text")
+    .addColumn("content_type", "text", (col) => col.notNull())
+    .addColumn("encrypted_content_iv", "text", (col) => col.notNull())
+    .addColumn("encrypted_content_hash", "text", (col) => col.notNull())
+    .addColumn("encrypted_name", "json", (col) => col.notNull())
+    .addColumn("encrypted_created_at", "json")
+    .addColumn("encrypted_last_modified_at", "json", (col) => col.notNull())
+    .addForeignKeyConstraint(
+      "file_fk01",
+      ["user_id", "master_encryption_key_version"],
+      "master_encryption_key",
+      ["user_id", "version"],
+    )
+    .addForeignKeyConstraint(
+      "file_fk02",
+      ["user_id", "hmac_secret_key_version"],
+      "hmac_secret_key",
+      ["user_id", "version"],
+    )
+    .execute();
+  await db.schema
+    .createTable("file_log")
+    .addColumn("id", "integer", (col) => col.primaryKey().generatedAlwaysAsIdentity())
+    .addColumn("file_id", "integer", (col) =>
+      col.references("file.id").onDelete("cascade").notNull(),
+    )
+    .addColumn("timestamp", "timestamp(3)", (col) => col.notNull())
+    .addColumn("action", "text", (col) => col.notNull())
+    .addColumn("new_name", "json")
+    .execute();
+};
+
+export const down = async (db: Kysely<any>) => {
+  await db.schema.dropTable("file_log").execute();
+  await db.schema.dropTable("file").execute();
+  await db.schema.dropTable("directory_log").execute();
+  await db.schema.dropTable("directory").execute();
+  await db.schema.dropTable("hmac_secret_key_log").execute();
+  await db.schema.dropTable("hmac_secret_key").execute();
+  await db.schema.dropTable("client_master_encryption_key").execute();
+  await db.schema.dropTable("master_encryption_key_log").execute();
+  await db.schema.dropTable("master_encryption_key").execute();
+  await db.schema.dropTable("session_upgrade_challenge").execute();
+  await db.schema.dropTable("session").execute();
+  await db.schema.dropTable("user_client_challenge").execute();
+  await db.schema.dropTable("user_client").execute();
+  await db.schema.dropTable("client").execute();
+  await db.schema.dropTable("user").execute();
+};

src/lib/server/db/schema/client.ts

@@ -1,65 +1,4 @@
-import {
-  sqliteTable,
-  text,
-  integer,
-  primaryKey,
-  foreignKey,
-  unique,
-} from "drizzle-orm/sqlite-core";
 import type { ColumnType, Generated } from "kysely";
-import { user } from "./user";
-
-export const client = sqliteTable(
-  "client",
-  {
-    id: integer("id").primaryKey({ autoIncrement: true }),
-    encPubKey: text("encryption_public_key").notNull().unique(), // Base64
-    sigPubKey: text("signature_public_key").notNull().unique(), // Base64
-  },
-  (t) => ({
-    unq: unique().on(t.encPubKey, t.sigPubKey),
-  }),
-);
-
-export const userClient = sqliteTable(
-  "user_client",
-  {
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    clientId: integer("client_id")
-      .notNull()
-      .references(() => client.id),
-    state: text("state", { enum: ["challenging", "pending", "active"] })
-      .notNull()
-      .default("challenging"),
-  },
-  (t) => ({
-    pk: primaryKey({ columns: [t.userId, t.clientId] }),
-  }),
-);
-
-export const userClientChallenge = sqliteTable(
-  "user_client_challenge",
-  {
-    id: integer("id").primaryKey(),
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    clientId: integer("client_id")
-      .notNull()
-      .references(() => client.id),
-    answer: text("answer").notNull().unique(), // Base64
-    allowedIp: text("allowed_ip").notNull(),
-    expiresAt: integer("expires_at", { mode: "timestamp_ms" }).notNull(),
-  },
-  (t) => ({
-    ref: foreignKey({
-      columns: [t.userId, t.clientId],
-      foreignColumns: [userClient.userId, userClient.clientId],
-    }),
-  }),
-);
 
 interface ClientTable {
   id: Generated<number>;

src/lib/server/db/schema/file.ts

@@ -1,92 +1,4 @@
-import { sqliteTable, text, integer, foreignKey } from "drizzle-orm/sqlite-core";
 import type { ColumnType, Generated } from "kysely";
-import { hsk } from "./hsk";
-import { mek } from "./mek";
-import { user } from "./user";
-
-const ciphertext = (name: string) =>
-  text(name, { mode: "json" }).$type<{
-    ciphertext: string; // Base64
-    iv: string; // Base64
-  }>();
-
-export const directory = sqliteTable(
-  "directory",
-  {
-    id: integer("id").primaryKey({ autoIncrement: true }),
-    parentId: integer("parent_id"),
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    mekVersion: integer("master_encryption_key_version").notNull(),
-    encDek: text("encrypted_data_encryption_key").notNull().unique(), // Base64
-    dekVersion: integer("data_encryption_key_version", { mode: "timestamp_ms" }).notNull(),
-    encName: ciphertext("encrypted_name").notNull(),
-  },
-  (t) => ({
-    ref1: foreignKey({
-      columns: [t.parentId],
-      foreignColumns: [t.id],
-    }),
-    ref2: foreignKey({
-      columns: [t.userId, t.mekVersion],
-      foreignColumns: [mek.userId, mek.version],
-    }),
-  }),
-);
-
-export const directoryLog = sqliteTable("directory_log", {
-  id: integer("id").primaryKey({ autoIncrement: true }),
-  directoryId: integer("directory_id")
-    .notNull()
-    .references(() => directory.id, { onDelete: "cascade" }),
-  timestamp: integer("timestamp", { mode: "timestamp_ms" }).notNull(),
-  action: text("action", { enum: ["create", "rename"] }).notNull(),
-  newName: ciphertext("new_name"),
-});
-
-export const file = sqliteTable(
-  "file",
-  {
-    id: integer("id").primaryKey({ autoIncrement: true }),
-    parentId: integer("parent_id").references(() => directory.id),
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    path: text("path").notNull().unique(),
-    mekVersion: integer("master_encryption_key_version").notNull(),
-    encDek: text("encrypted_data_encryption_key").notNull().unique(), // Base64
-    dekVersion: integer("data_encryption_key_version", { mode: "timestamp_ms" }).notNull(),
-    hskVersion: integer("hmac_secret_key_version"),
-    contentHmac: text("content_hmac"), // Base64
-    contentType: text("content_type").notNull(),
-    encContentIv: text("encrypted_content_iv").notNull(), // Base64
-    encContentHash: text("encrypted_content_hash").notNull(), // Base64
-    encName: ciphertext("encrypted_name").notNull(),
-    encCreatedAt: ciphertext("encrypted_created_at"),
-    encLastModifiedAt: ciphertext("encrypted_last_modified_at").notNull(),
-  },
-  (t) => ({
-    ref1: foreignKey({
-      columns: [t.userId, t.mekVersion],
-      foreignColumns: [mek.userId, mek.version],
-    }),
-    ref2: foreignKey({
-      columns: [t.userId, t.hskVersion],
-      foreignColumns: [hsk.userId, hsk.version],
-    }),
-  }),
-);
-
-export const fileLog = sqliteTable("file_log", {
-  id: integer("id").primaryKey({ autoIncrement: true }),
-  fileId: integer("file_id")
-    .notNull()
-    .references(() => file.id, { onDelete: "cascade" }),
-  timestamp: integer("timestamp", { mode: "timestamp_ms" }).notNull(),
-  action: text("action", { enum: ["create", "rename"] }).notNull(),
-  newName: ciphertext("new_name"),
-});
 
 export type Ciphertext = {
   ciphertext: string; // Base64

src/lib/server/db/schema/hsk.ts

@@ -1,48 +1,4 @@
-import { sqliteTable, text, integer, primaryKey, foreignKey } from "drizzle-orm/sqlite-core";
 import type { ColumnType, Generated } from "kysely";
-import { client } from "./client";
-import { mek } from "./mek";
-import { user } from "./user";
-
-export const hsk = sqliteTable(
-  "hmac_secret_key",
-  {
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    version: integer("version").notNull(),
-    state: text("state", { enum: ["active"] }).notNull(),
-    mekVersion: integer("master_encryption_key_version").notNull(),
-    encHsk: text("encrypted_key").notNull().unique(), // Base64
-  },
-  (t) => ({
-    pk: primaryKey({ columns: [t.userId, t.version] }),
-    ref: foreignKey({
-      columns: [t.userId, t.mekVersion],
-      foreignColumns: [mek.userId, mek.version],
-    }),
-  }),
-);
-
-export const hskLog = sqliteTable(
-  "hmac_secret_key_log",
-  {
-    id: integer("id").primaryKey({ autoIncrement: true }),
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    hskVersion: integer("hmac_secret_key_version").notNull(),
-    timestamp: integer("timestamp", { mode: "timestamp_ms" }).notNull(),
-    action: text("action", { enum: ["create"] }).notNull(),
-    actionBy: integer("action_by").references(() => client.id),
-  },
-  (t) => ({
-    ref: foreignKey({
-      columns: [t.userId, t.hskVersion],
-      foreignColumns: [hsk.userId, hsk.version],
-    }),
-  }),
-);
 
 export type HskState = "active";
 

src/lib/server/db/schema/mek.ts

@@ -1,64 +1,4 @@
-import { sqliteTable, text, integer, primaryKey, foreignKey } from "drizzle-orm/sqlite-core";
 import type { ColumnType, Generated } from "kysely";
-import { client } from "./client";
-import { user } from "./user";
-
-export const mek = sqliteTable(
-  "master_encryption_key",
-  {
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    version: integer("version").notNull(),
-    state: text("state", { enum: ["active", "retired", "dead"] }).notNull(),
-    retiredAt: integer("retired_at", { mode: "timestamp_ms" }),
-  },
-  (t) => ({
-    pk: primaryKey({ columns: [t.userId, t.version] }),
-  }),
-);
-
-export const mekLog = sqliteTable(
-  "master_encryption_key_log",
-  {
-    id: integer("id").primaryKey({ autoIncrement: true }),
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    mekVersion: integer("master_encryption_key_version").notNull(),
-    timestamp: integer("timestamp", { mode: "timestamp_ms" }).notNull(),
-    action: text("action", { enum: ["create"] }).notNull(),
-    actionBy: integer("action_by").references(() => client.id),
-  },
-  (t) => ({
-    ref: foreignKey({
-      columns: [t.userId, t.mekVersion],
-      foreignColumns: [mek.userId, mek.version],
-    }),
-  }),
-);
-
-export const clientMek = sqliteTable(
-  "client_master_encryption_key",
-  {
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    clientId: integer("client_id")
-      .notNull()
-      .references(() => client.id),
-    mekVersion: integer("version").notNull(),
-    encMek: text("encrypted_key").notNull(), // Base64
-    encMekSig: text("encrypted_key_signature").notNull(), // Base64
-  },
-  (t) => ({
-    pk: primaryKey({ columns: [t.userId, t.clientId, t.mekVersion] }),
-    ref: foreignKey({
-      columns: [t.userId, t.mekVersion],
-      foreignColumns: [mek.userId, mek.version],
-    }),
-  }),
-);
 
 export type MekState = "active" | "retired" | "dead";
 

src/lib/server/db/schema/session.ts

@@ -1,39 +1,4 @@
-import { sqliteTable, text, integer, unique } from "drizzle-orm/sqlite-core";
 import type { ColumnType, Generated } from "kysely";
-import { client } from "./client";
-import { user } from "./user";
-
-export const session = sqliteTable(
-  "session",
-  {
-    id: text("id").notNull().primaryKey(),
-    userId: integer("user_id")
-      .notNull()
-      .references(() => user.id),
-    clientId: integer("client_id").references(() => client.id),
-    createdAt: integer("created_at", { mode: "timestamp_ms" }).notNull(),
-    lastUsedAt: integer("last_used_at", { mode: "timestamp_ms" }).notNull(),
-    lastUsedByIp: text("last_used_by_ip"),
-    lastUsedByUserAgent: text("last_used_by_user_agent"),
-  },
-  (t) => ({
-    unq: unique().on(t.userId, t.clientId),
-  }),
-);
-
-export const sessionUpgradeChallenge = sqliteTable("session_upgrade_challenge", {
-  id: integer("id").primaryKey(),
-  sessionId: text("session_id")
-    .notNull()
-    .references(() => session.id)
-    .unique(),
-  clientId: integer("client_id")
-    .notNull()
-    .references(() => client.id),
-  answer: text("answer").notNull().unique(), // Base64
-  allowedIp: text("allowed_ip").notNull(),
-  expiresAt: integer("expires_at", { mode: "timestamp_ms" }).notNull(),
-});
 
 interface SessionTable {
   id: string;

src/lib/server/db/schema/user.ts

@@ -1,13 +1,5 @@
-import { sqliteTable, text, integer } from "drizzle-orm/sqlite-core";
 import type { Generated } from "kysely";
 
-export const user = sqliteTable("user", {
-  id: integer("id").primaryKey({ autoIncrement: true }),
-  email: text("email").notNull().unique(),
-  password: text("password").notNull(),
-  nickname: text("nickname").notNull(),
-});
-
 interface UserTable {
   id: Generated<number>;
   email: string;

src/lib/server/loadenv.ts

@@ -9,8 +9,8 @@ if (!building) {
 
 export default {
   database: {
-    host: env.DATABASE_HOST || "localhost",
-    port: parseInt(env.DATABASE_PORT || "5432", 10),
+    host: env.DATABASE_HOST,
+    port: env.DATABASE_PORT ? parseInt(env.DATABASE_PORT, 10) : undefined,
     user: env.DATABASE_USER,
     password: env.DATABASE_PASSWORD!,
     name: env.DATABASE_NAME,